04/03/2018 1006 views
We have Macs in our environment that run macOS 13, which is now supported by the new SEP 14 client - Symantec A/V. 
We push the installation package - SEPremote.pkg - through KACE with an installer command. 

The problem is that the KACE install triggers Gatekeepr - the built-in malicious app protection in macOS which prevents unidentified applications from being installed. The users get a warning message telling them Symantec is trying to install an application, and they usually do not allow the install. We need a silent install. 

I'm not sure why the Symantec installation package is not identified by Apple, and Symantec support has been unhelpful and unknowledgeable about this. 

 I know I can turn off gatekeeper completely by running spctl --master-disable, but I don't want to compromise our users. I'm thinking maybe turning it off temporarly, via script on KACE, and have both the managed install and the script run back to back on a specific schedule (this way we can use the script for other problematic installs), but this is a high-risk solution and I'd much rather approve only this specific install. 

There must be someone else out here with a similar issue who found a solution. I'd love to hear more about it! 

Thanks in advance. 

0 Comments   [ + ] Show comments


There are no answers at this time